Netlas vs Censys: A Comprehensive Analysis ๐งฎ
A new article in our series of comparisons with competitors.
This time we evaluated the pros and cons of Censys, which proved to be the strongest of our opponents. However, we tried to evaluate both search engines as honestly as possible, using 10+ key indicators.
๐ Read now: https://netlas.io/blog/netlas_vs_censys/
A new article in our series of comparisons with competitors.
This time we evaluated the pros and cons of Censys, which proved to be the strongest of our opponents. However, we tried to evaluate both search engines as honestly as possible, using 10+ key indicators.
๐ Read now: https://netlas.io/blog/netlas_vs_censys/
netlas.io
Netlas vs Censys - Netlas Blog
Compare IoT search engines Netlas and Censys, highlighting their features, strengths, and ideal use cases for security research.
๐4๐พ4โค3
CVE-2025-25064, -25065: Two vulnerabilities in Zimbra, 5.3 - 9.8 rating ๐ฅ
Vulnerabilities include SQL injection and SSRF, which could potentially lead to RCE. We recommend installing the latest patches as soon as possible.
Search at Netlas.io:
๐ Link: https://nt.ls/nehV7
๐ Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637 OR \*.banner:"Zimbra"
Vendor's advisory: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
Vulnerabilities include SQL injection and SSRF, which could potentially lead to RCE. We recommend installing the latest patches as soon as possible.
Search at Netlas.io:
๐ Link: https://nt.ls/nehV7
๐ Dork: http.favicon.hash_sha256:1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637 OR \*.banner:"Zimbra"
Vendor's advisory: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
๐ฅ3๐พ2
CVE-2025-22467: RCE in Ivanti Connect Secure, 9.9 rating ๐ฅ๐ฅ๐ฅ
A stack-based buffer overflow in Ivanti Connect Secure allows a remote authenticated attacker to achieve remote code execution.
Search at Netlas.io:
๐ Link: https://nt.ls/WojuE
๐ Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
A stack-based buffer overflow in Ivanti Connect Secure allows a remote authenticated attacker to achieve remote code execution.
Search at Netlas.io:
๐ Link: https://nt.ls/WojuE
๐ Dork: http.body:"welcome.cgi?p=logo"
Vendor's advisory: https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US
๐ฅ6๐2๐พ1
CVE-2025-0376 and other: Multiple vulnerabilitites in GitLab, 4.2 - 8.7 ratingโ๏ธ
With the new release, GitLab has disclosed several vulnerabilities, including XSS injection, DoS and others.
Search at Netlas.io:
๐ Link: https://nt.ls/50gFr
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/02/12/patch-release-gitlab-17-8-2-released/
With the new release, GitLab has disclosed several vulnerabilities, including XSS injection, DoS and others.
Search at Netlas.io:
๐ Link: https://nt.ls/50gFr
๐ Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/02/12/patch-release-gitlab-17-8-2-released/
๐ฅ3๐พ3๐1
CVE-2025-1094: Improper Neutralization of Quoting Syntax in PostgreSQL functions, 8.1 ratingโ๏ธ
A vulnerability in some functions of the libpq library allows SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/EtVPc
๐ Dork: postgres:*
Vendor's advisory: https://www.postgresql.org/support/security/CVE-2025-1094/
A vulnerability in some functions of the libpq library allows SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/EtVPc
๐ Dork: postgres:*
Vendor's advisory: https://www.postgresql.org/support/security/CVE-2025-1094/
๐ฅ3โค2๐พ2
CVE-2024-12562: Deserialization of Untrusted Data in s2member Pro WordPress Plugin, 9.8 rating ๐ฅ
The vulnerability allows attackers to inject PHP Object on all versions of the plugin, except the latest.
Search at Netlas.io:
๐ Link: https://nt.ls/GqND6
๐ Dork: http.body:"plugins/s2member"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/s2member-pro/s2member-pro-241216-unauthenticated-php-object-injection
The vulnerability allows attackers to inject PHP Object on all versions of the plugin, except the latest.
Search at Netlas.io:
๐ Link: https://nt.ls/GqND6
๐ Dork: http.body:"plugins/s2member"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/s2member-pro/s2member-pro-241216-unauthenticated-php-object-injection
๐2๐ฅ2๐พ1
CVE-2025-26465, -26466: Two vulnerabilities in OpenSSH, 6.8 ratingโ๏ธ
MitM and DoS in OpenSSH. The severity level is medium, but the vulnerabilities cover many versions: from 2013 for -26465 and from 2023 for -26466.
Search at Netlas.io:
๐ Link: https://nt.ls/1TTrj
๐ Dork: ssh.server_key_exchange.client_to_server_compression:"zlib@openssh.com"
Read more: https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466
MitM and DoS in OpenSSH. The severity level is medium, but the vulnerabilities cover many versions: from 2013 for -26465 and from 2023 for -26466.
Search at Netlas.io:
๐ Link: https://nt.ls/1TTrj
๐ Dork: ssh.server_key_exchange.client_to_server_compression:"zlib@openssh.com"
Read more: https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466
๐ฅ3๐2๐พ1
๐ Track Adversary Infrastructure Challenge
Join the challenge by Netlas and RST Cloud to improve your threat-hunting skills.
- Learn to detect C2 servers and investigate real threats.
- Compete for prizes: ๐ $1000, ๐ฅ $500, ๐ฅ $250.
- Top 10 winners receive Netlas Annual Business Subscription and RST IoC Lookup Subscription.
- All participants get a certificate of completion.
- Free 1-month access to Netlas for practice.
๐ก Whatโs included:
- Webinar on threat intelligence and C2 tracking.
- Hands-on challenge with Netlas and RST Cloud tools.
- Discord community for support and collaboration.
๐ Invite a friend to team up and participate: https://netlas.io/promo/ti-challenge/
Join the challenge by Netlas and RST Cloud to improve your threat-hunting skills.
- Learn to detect C2 servers and investigate real threats.
- Compete for prizes: ๐ $1000, ๐ฅ $500, ๐ฅ $250.
- Top 10 winners receive Netlas Annual Business Subscription and RST IoC Lookup Subscription.
- All participants get a certificate of completion.
- Free 1-month access to Netlas for practice.
๐ก Whatโs included:
- Webinar on threat intelligence and C2 tracking.
- Hands-on challenge with Netlas and RST Cloud tools.
- Discord community for support and collaboration.
๐ Invite a friend to team up and participate: https://netlas.io/promo/ti-challenge/
netlas.io
Track Adversary Infrastructure Challenge with Netlas & RST Cloud โ Hunt, Learn, Win! - Netlas
Join the ultimate threat intelligence challenge! Hunt hacker infrastructure with Netlas, win cash prizes, and get exclusive Netlas & RST Cloud subscriptions.
๐พ5โค4๐ฅ3
CVE-2025-23209: Code Injection in CraftCMS, 8.1 ratingโ๏ธ
Craft CMS contains a code injection vulnerability that allows for remote code execution as vulnerable versions have compromised user security keys.
Search at Netlas.io:
๐ Link: https://nt.ls/brxoj
๐ Dork: http.headers.x_powered_by:"Craft CMS"
Vendor's advisory: https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x
Craft CMS contains a code injection vulnerability that allows for remote code execution as vulnerable versions have compromised user security keys.
Search at Netlas.io:
๐ Link: https://nt.ls/brxoj
๐ Dork: http.headers.x_powered_by:"Craft CMS"
Vendor's advisory: https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x
โค2๐ฅ2๐พ2
Netlas.io pinned ยซ๐ Track Adversary Infrastructure Challenge Join the challenge by Netlas and RST Cloud to improve your threat-hunting skills. - Learn to detect C2 servers and investigate real threats. - Compete for prizes: ๐ $1000, ๐ฅ $500, ๐ฅ $250. - Top 10 winners receiveโฆยป
CVE-2025-26794: SQL Injection in Exim 4.98, 7.5 ratingโ๏ธ
A vulnerability in the Exim mail transfer agent could allow a remote attacker to perform SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/ge4Iy
๐ Dork: smtp.banner:"Exim 4.98"
Vendor's advisory: https://www.exim.org/static/doc/security/CVE-2025-26794.txt
A vulnerability in the Exim mail transfer agent could allow a remote attacker to perform SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/ge4Iy
๐ Dork: smtp.banner:"Exim 4.98"
Vendor's advisory: https://www.exim.org/static/doc/security/CVE-2025-26794.txt
๐พ3๐ฅ2๐1
CVE-2025-1128: RCE in Everest Forms WordPress Plugin, 9.8 rating ๐ฅ
The vulnerability allows an unauthenticated attacker to perform a wide range of actions with the site: upload arbitrary files, RCE, delete config files.
Search at Netlas.io:
๐ Link: https://nt.ls/q6pgJ
๐ Dork: http.body:"plugins/everest-forms"
Read more: https://www.wordfence.com/blog/2025/02/100000-wordpress-sites-affected-by-arbitrary-file-upload-read-and-deletion-vulnerability-in-everest-forms-wordpress-plugin/
The vulnerability allows an unauthenticated attacker to perform a wide range of actions with the site: upload arbitrary files, RCE, delete config files.
Search at Netlas.io:
๐ Link: https://nt.ls/q6pgJ
๐ Dork: http.body:"plugins/everest-forms"
Read more: https://www.wordfence.com/blog/2025/02/100000-wordpress-sites-affected-by-arbitrary-file-upload-read-and-deletion-vulnerability-in-everest-forms-wordpress-plugin/
๐ฅ3๐พ2๐1
CVE-2025-24752: XSS in Elementor Page Builder, 7.1 ratingโ๏ธ
Reflected XSS in a large number of sites. Thanks to our friend Chirag Artani for suggesting the query!
Search at Netlas.io:
๐ Link: https://nt.ls/8wpei
๐ Dork: http.body:"plugins/elementor" AND host_type:domain
Read more: https://patchstack.com/articles/reflected-xss-patched-in-essential-addons-for-elementor-affecting-2-million-sites/
Reflected XSS in a large number of sites. Thanks to our friend Chirag Artani for suggesting the query!
Search at Netlas.io:
๐ Link: https://nt.ls/8wpei
๐ Dork: http.body:"plugins/elementor" AND host_type:domain
Read more: https://patchstack.com/articles/reflected-xss-patched-in-essential-addons-for-elementor-affecting-2-million-sites/
๐พ4โค2
CVE-2025-20029: Command Injection in F5 BIG-IP, 8.8 ratingโ๏ธ
The vulnerability allows an attacker to escalate privileges, execute arbitrary commands, and manipulate system files. Not the latest vulnerability, but the PoC was published just recently!
Search at Netlas.io:
๐ Link: https://nt.ls/e17gN
๐ Dork: http.headers.server:"BigIP"
Vendor's advisory: https://my.f5.com/manage/s/article/K000148587
The vulnerability allows an attacker to escalate privileges, execute arbitrary commands, and manipulate system files. Not the latest vulnerability, but the PoC was published just recently!
Search at Netlas.io:
๐ Link: https://nt.ls/e17gN
๐ Dork: http.headers.server:"BigIP"
Vendor's advisory: https://my.f5.com/manage/s/article/K000148587
โค3๐ฅ2๐พ1
CVE-2024-47051: RCE in Mautic, 9.1 rating ๐ฅ
The vulnerability allows an attacker to conduct RCE through asset loading, as well as manipulate the file deletion process to delete arbitrary files.
Search at Netlas.io:
๐ Link: https://nt.ls/odIOX
๐ Dork: http.favicon.hash_sha256:67a5904d731636c114513a7df90d4d6bff7a3f690f305ef3487ac84844a5874e
Vendor's advisory: https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2
The vulnerability allows an attacker to conduct RCE through asset loading, as well as manipulate the file deletion process to delete arbitrary files.
Search at Netlas.io:
๐ Link: https://nt.ls/odIOX
๐ Dork: http.favicon.hash_sha256:67a5904d731636c114513a7df90d4d6bff7a3f690f305ef3487ac84844a5874e
Vendor's advisory: https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2
๐พ3โค2๐ฅ2
CVE-2025-23388, -23389: DoS and Unauthorized Access in Rancher, 8.2 - 8.4 ratingโ๏ธ
Two vulnerabilities, one of which allows an attacker to crash the Rancher server, and the second - to impersonate any other user by manipulating cookies.
Search at Netlas.io:
๐ Link: https://nt.ls/fCvlC
๐ Dork: http.favicon.hash_sha256:2d7adbc74e7c8941927d04e702acbff577d219fef8617c8c3014d34ae395525b
Vendor's advisory: https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4
Two vulnerabilities, one of which allows an attacker to crash the Rancher server, and the second - to impersonate any other user by manipulating cookies.
Search at Netlas.io:
๐ Link: https://nt.ls/fCvlC
๐ Dork: http.favicon.hash_sha256:2d7adbc74e7c8941927d04e702acbff577d219fef8617c8c3014d34ae395525b
Vendor's advisory: https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4
๐พ3๐ฅ2
CVE-2025-22224, -22225, -22226: Multiple vulnerabilities in VMware ESXi, 7.1 - 9.3 rating ๐ฅ
Three vulnerabilities affecting several VMware products, including ESXi. Includes Code Exection, Sandbox Escape and Memory Leak.
Search at Netlas.io:
๐ Link: https://nt.ls/9Iw92
๐ Dork: http.title:"+ ID_EESX_Welcome +"
Vendor's advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390
Three vulnerabilities affecting several VMware products, including ESXi. Includes Code Exection, Sandbox Escape and Memory Leak.
Search at Netlas.io:
๐ Link: https://nt.ls/9Iw92
๐ Dork: http.title:"+ ID_EESX_Welcome +"
Vendor's advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390
๐พ4๐ฅ3๐1
CVE-2025-26776: Unrestricted Upload of File with Dangerous Type in Chaty Pro WordPress Plugin, 10.0 rating ๐ฅ๐ฅ๐ฅ
The vulnerability allows an attacker to upload malicious files that can be used to take control of a website.
Search at Netlas.io:
๐ Link: https://nt.ls/DCwYC
๐ Dork: http.body:"plugins/chaty-pro"
Read more: https://patchstack.com/database/wordpress/plugin/chaty-pro/vulnerability/wordpress-chaty-pro-plugin-3-3-3-arbitrary-file-upload-vulnerability?_s_id=cve
The vulnerability allows an attacker to upload malicious files that can be used to take control of a website.
Search at Netlas.io:
๐ Link: https://nt.ls/DCwYC
๐ Dork: http.body:"plugins/chaty-pro"
Read more: https://patchstack.com/database/wordpress/plugin/chaty-pro/vulnerability/wordpress-chaty-pro-plugin-3-3-3-arbitrary-file-upload-vulnerability?_s_id=cve
๐ฅ4๐พ2
๐ง Planned Maintenance ๐ง
Short-term interruptions in service provision are possibleโ๏ธ
On the weekend of March 8-9, 2025, we will carry out work aimed at improving server stability and quality of service. All this time, the replicas will be disabled, which is why interruptions are possible in case of problems with the main server. We will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
Short-term interruptions in service provision are possibleโ๏ธ
On the weekend of March 8-9, 2025, we will carry out work aimed at improving server stability and quality of service. All this time, the replicas will be disabled, which is why interruptions are possible in case of problems with the main server. We will do our best to complete it as quickly as possible.
Please remember to save your work before this time.
๐จโ๐ป3
CVE-2025-27622, -27623, -27624, -27625: Multiple vulnerabilitites in Jenkins, medium ratingโ๏ธ
The vulnerabilities allow attackers to view encrypted secret values โโand potentially store attacker-controlled content in other users' profiles.
Search at Netlas.io:
๐ Link: https://nt.ls/SyXh2
๐ Dork: http.headers.x_jenkins:*
Vendor's advisory: https://www.jenkins.io/security/advisory/2025-03-05/
The vulnerabilities allow attackers to view encrypted secret values โโand potentially store attacker-controlled content in other users' profiles.
Search at Netlas.io:
๐ Link: https://nt.ls/SyXh2
๐ Dork: http.headers.x_jenkins:*
Vendor's advisory: https://www.jenkins.io/security/advisory/2025-03-05/
๐ฅ3๐พ3๐1
โ๏ธTemporary Issues with Private Scanner โ๏ธ
While expanding disk space, we encountered unexpected issues that temporarily affected one of our servers. As a result, Private Scanner is currently unavailable. All other functions work properly.
Our team is actively working on a fix, and the service will be restored by the end of the week โ possibly sooner.
We appreciate your patience and apologize for the inconvenience!
While expanding disk space, we encountered unexpected issues that temporarily affected one of our servers. As a result, Private Scanner is currently unavailable. All other functions work properly.
Our team is actively working on a fix, and the service will be restored by the end of the week โ possibly sooner.
We appreciate your patience and apologize for the inconvenience!
๐4๐2